Описание
The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed.
Ссылки
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:gentoo:sci-mathematics-gimps:28.10:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.0003
Низкий
7.3 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-269
Связанные уязвимости
CVSS3: 7.3
github
больше 3 лет назад
The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed.
EPSS
Процентиль: 8%
0.0003
Низкий
7.3 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-269